A key purpose of the @RISK is to provide the data that will ensure that the 20 Critical Controls (the US and UK benchmark for effective protection of networked systems) continue to be the most effective defenses for all known attack vectors. But since it is also valuable for security practitioners, SANS is making it available to the 145,000 security practitioners who have completed SANS security training and others at their organizations who hope to stay current with the offensive methods in use.

TOP VULNERABILITY THIS WEEK: The .cn TLD was hit by what Chinese
authorities described as the country's "largest-ever" DDoS attack over
the weekend, disrupting service there for approximately four hours. The
attack, whose source is so far unknown, highlights the vulnerability of
the modern Internet to flooding attacks, which have been a growing
scourge for financial institutions, governments, and others in the last
few years.

Analyst Webcast - Actionable Tools for Convincing Management to Fund
Application Security
Featuring: John Pescatore and Jeremiah Grossman. Join us in exploring
how to advance the state of application security across the industry.
Thursday, September 19, 2013 at 1:00 PM EDT.

2) Join John Pescatore and Tony Sager as they moderate a panel
discussion on the upcoming SANS webcast titled, "Using the DHS
Continuous Diagnostics and Mitigation Contract to Make Real Security
Advances?. Tuesday, September 10, 2013 at 10:00 AM EDT.http://www.sans.org/info/138202

Title: New Android malware sample uses SMTP to send mail
Description: While most Android malware uses some combination of SMS,
HTTP, and/or a custom binary protocol to communicate with the outside
world, a recently discovered sample from China uses SMTP to send stolen
data to its controllers. This novel technique illustrates the growing
complexity of Android malware, which continues to thrive in third-party
markets, particularly in Asia.
Reference:http://www.f-secure.com/weblog/archives/00002594.html
Snort SID: 27725
ClamAV: ANDR.Trojan.SMSAgent-1

Title: New version of DirtJumper malware adds anti-DDoS tool features
Description: In an excellent illustration of the ongoing cat-and-mouse
game between malware creators and network defenders, a new version of
the popular DirtJumper DDoS software was recently released which
intelligently probes for the presence of certain types of network
defense tools. While security vendors are responding by updating their
detection mechanisms, such measures are reactive at best, and will
necessarily suffer from coverage gaps when further updates to the
toolset are released.
Reference:http://www.crn.com/news/security/240160429/dirt-jumper-ddos-toolkit-gets-security-evasion-functionality.htm
Snort SID: 25903 - 25927
ClamAV: DoS.DirtJumper

This is a list of recent vulnerabilities for which exploits are
available. System administrators can use this list to help in
prioritization of their remediation activities. The Qualys Vulnerability
Research Team compiles this information based on various exploit
frameworks, exploit databases, exploit kits and monitoring of internet
activity.

(c) 2013. All rights reserved. The information contained in this newsletter, including any external links, is provided "AS IS," with no express or implied warranty, for informational purposes only.

Please feel free to share this with interested parties via email, but no posting is allowed on web sites. For a free subscription, (and for free posters) or to update a current subscription, visit https://www.sans.org/account